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(57) Abstract: A method and system for interchanging information safely between the user and a SIM Application Toolkit applica- 
tion in a telecommunication system comprising a terminal device (MS), connected to a telecommunication network (WN); a smart 
card (SC) inserted into the terminal device (MS); a WAP client program (WAPCUENT) and a SIM Application Toolkit (STK), 
arranged in the terminal device (MS) and/or the smart card (SC); and a first application (WMLSCRIPT) which is part of the WAP 
client program (WAPCUENT). The terminal device (MS) comprises the necessary features for using the WAP. As part of the WAP 
client program (WAPCLEENT), 
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the second application (DRIVER) is added to start and control the SIM Application Toolkit applications. The first application 
(WMLSCRIPT) calls the second application (DRIVER) when wishing to use SIM Application Toolkit applications. The second 
application (DRIVER) controls and manages the SIM Application Toolkit applications and the interchange of information between 
the user of the terminal device (MS) and the SIM Application Toolkit applications. 
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Safe information interchange between a user of a terminal 
and SIM application toolkit via WAP. 
FIELD OF THE INVENTION 

The present invention relates to telecommuni- 
cation systems. In particular, the invention relates 
5 to a method and system for interchanging information 
safely between the user and a SIM Application Toolkit 
application (SIM, Subscriber Identity Module) in a 
telecommunication system comprising a telecommunica- 
tion network; a terminal device which is connected to 

10 the telecommunication network; a smart card which has 
been inserted into the terminal device;- a WAP client 
program which has been arranged in the terminal de- 
vice; a SIM Application Toolkit which has been ar- 
ranged in the terminal device and/or smart card; and a 

15 first application which is part of the WAP client pro- 
gram. In the method, the terminal device comprises the 
necessary features for using the WAP. 



BACKGROUND OF THE INVENTION 

20 The use of the wireless application protocol 

is becoming common in solutions in which a connection 
is needed between portable terminal devices, such as 
mobile stations and the Internet applications, e.g. 
electronic mail, WWW (World Wide Web), news groups. 

25 The wireless application protocol provides an archi- 
tecture which adapts mobile phones, browser programs 
of mobile phones, and the WWW to work as a functional 
entity. The HTML language (Hyper Text Mark-up Lan- 
guage) used in the WWW is translated into a WML (Wire- 

30 less Mark-up Language) designed for the wireless en- 
vironment, when information is being transmitted to 
mobile stations. At present, as the description lan- 
guage of the WAP standard, the WML language is used, 
but the language may be understood to mean also any 

35 other description language consistent with the future 
WAP standard. The wireless application protocol com- 
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prises of the following five layers: wireless applica- 
tion environment (WAE , Wireless Application Environ- 
ment) , wireless session layer (WSL, Wireless Session 
Layer) , wireless transaction layer (WTP, Wireless 
5 Transaction Layer) , wireless transport layer security 
(WTLS, Wireless Transport Layer Security) , and wire- 
less datagram layer (WDP, Wireless Datagram Layer) . 
The wireless application environment is used to mean, 
e.g. a WTA ( WTA, Wireless Telephone Application), or 

10 some other suitable environment. Lowermost is yet a 
system dependant layer which defines the transfer mode 
of the information inside the system in' question. The 
specification accepted at the moment is the WAP speci- 
fication 1.1. The aforementioned specification and 

15 other WAP related specifications are available at the 
Internet address www . wapf orum . com . 



founded in 1997 the WAP Forum. The WAP Forum is among 
other things an open association of terminal manufac- 

20 tures, operators and different service providers, 
which anyone can join. One specific objective of the 
WAP architecture is to enable the use of services pro- 
vided by the Internet on terminals whose data process- 
ing capacity, size of display or storage capacity is 

25 small or restricted. Terminals as described above are, 
e.g. mobile stations and PDAs (PDA, Personal Digital 
Assistant) . The WAP specification does not take a 
stand on the fact of how the overhead interface is im- 
plemented. This makes it possible for different opera - 

30 tors, terminal manufactures and software manufactures 
to take advantage of the possibilities provided by the 
standards . 



cation network, e.g. a GSM system (GSM, Global System 
35 for Mobile communications) as compared with a public 
switched telephone network (PSTN, Public Switched 
Telephone Network) is the mobility management. The mo- 
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The undeniable advantage of a mobile communi- 
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bile communication network enables one to make and re- 
ceive phone calls anywhere in the coverage area of the 
network. In this application, a mobile communication 
network is advantageously used to mean a digital mo- 
5 bile network. 

The substantial part of the function of the 
terminal devices of mobile communication networks, the 
mobile stations, is the subscribe identity module 
(SIM, Subscriber Identity Module) . When you separate 

10 the actual terminal device and the subscriber identity 
module individualizing the subscriber from one an- 
other, a system is established in which specific op- 
erators may offer different services to the users of 
the mobile stations. The operator is herein used to 

15 mean an entity which has got the infrastructure of the 
mobile communication network at his or her disposal in 
order to provide mobile communication services. The 
separating of the mobile station and the subscriber 
identity module from one another enables a constant 

20 development of services connected with the mobile sta- 
tions and the introduction of new, operator-specific 
services. The functional interface between the mobile 
station and the subscriber identity module has been 
described in the specification TS 100 977 V7 . 3 . 0 

25 (1999-07) of ETSI . (ETSI, European Telecommunications 
and Standard Institute) . 

The step of development connected with the 
function of the subscriber identity module is the 
definition of the SIM Application Toolkit which de- 

30 fines specifications to the interface between the mo- 
bile station and the subscriber identity module. The 
SIM Application Toolkit is used to mean all those 
functions and mechanisms that enable the interaction 
of the applications on the subscriber identity module 

35 with the mobile station. This requires that the mobile 
station supports the functions and mechanisms needed 
in the interaction. The SIM application Toolkit has 
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been defined in the specification TS 101 267 V7 . 3 . 1 
(1999-07) of ETSI. The SIM Application Toolkit is 
logically entirely separated from the functions of the 
subscriber identity module, which are connected with 
5 the GSM system. There is a certain set of functions 
defined for the SIM application Toolkit that are con- 
nected with the signaling between the subscriber iden- 
tity module and the mobile station. The aforementioned 
logical independence of the SIM Application Toolkit 

10 enables the applications of the third party. The * ap- 
plications of the third party are used to mean, e.g. 
operator- specif ic applications. The communication be- 
tween the SIM application Toolkit and the function of 
a normal subscriber entity module happens by using, 

15 e.g. the short message service (SMS, Short Message 
Service). Other ways of communication may be, e.g. the 
USSD (Unstructured Supplementary Services Data) or the 
GPRS (General Packet Radio Service) . 

One specific problem is currently the fact of 

20 how to interchange information safely in a wireless 
application environment between the user and the SIM 
application Toolkit in such a way that the information 
to be transmitted may be modified, when required, us- 
ing, e.g. the WMLScript. The WMLScript is a command 

25 language connected with the WAP standard. 

OBJECTIVE OF THE INVENTION 

The objective of the invention is to elimi- 
nate the drawbacks referred to above, or at least sig- 
30 nificantly to alleviate them. One specific objective 
of the invention is to disclose a method and system 
which enables one to handle the input entered by the 
user in his or her terminal device safely before send- 
ing it to the SIM Application Toolkit service. 

35 



BRIEF DESCRIPTION OF THE INVENTION 
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The invention relates to applications saved 
to smart cards and to the wireless application proto- 
col environment. The objective of the invention is to 
enable and improve the use of SIM Application Toolkit 
5 applications in a WAP environment by permitting the 
interchange of information between the WAE environ- 
ment, user and the SIM Application Toolkit applica- 
tions . 

The telecommunication system in accordance 

10 with the invention comprises a telecommunication net- 
work, a terminal device which is connected to the 
telecommunication network, a smart card which has been 
inserted into the terminal device, a WAP client pro- 
gram which has been arranged in the terminal device 

15 and a SIM application Toolkit which has been arranged 
in the terminal device and/or smart card. In addition, 
the system comprises a first application which is part 
of the WAP client program. In the method, the terminal 
device comprises the necessary features for using the 

2 0 WAP. This means, e.g. that the terminal device com- 
prises a WAP client program and that the terminal de- 
vice is capable of understanding and presenting func- 
tions connected with the WAP client program. The ter- 
minal device in accordance with the invention is pref- 

25 erably a mobile station and the telecommunication net- 
work is preferably a mobile communication network. 

According to the invention, as part of the 
WAP client program a second application is added that 
is arranged to start and control the SIM Application 

30 Toolkit applications. The second application is used 
to mean, e.g. a program implemented using the 
WMLScript command language. The aforementioned first 
application is used to call the second application 
when wishing to use SIM Application Toolkit applica- 

35 tions. The first application is used to mean, e.g. a 
program written in the WML description language or in 
the WMLScript command language. The first application 
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has got a restricted number of commands at its dis- 
posal. It may be used only for the starting of the 
second application at the most. The second application 
is then used to control and manage SIM Application 
5 Toolkit applications and the interchange of informa- 
tion between the user of the terminal device and the 
SIM Application Toolkit applications. The second ap- 
plication has got the possibility of using more com- 
mands for the use of SIM Application Toolkit applica- 

10 tions. The second application may, e.g. ask the user 
for an input, edit it and send the input after editing 
it to a SIM Application Toolkit application. There is 
necessarily no need to edit the input defined by the 
user, instead the input may be sent from the second 

15 application to a SIM Application Toolkit application 
as it is. The second application may only be used to 
activate a SIM Application Toolkit application at the 
most . 

The second application may be loaded into the 

20 terminal device, e.g. via the telecommunication net- 
work. To make sure of the origin of the second appli- 
cation, its program code may have been digitally 
signed by a trusted third party. The trusted third 
party is an entity which, e.g. ensures the integrity 

25 of the signed object. To authenticate the signature, 
the public key of the sender of the second application 
has to be made available to the terminal device or the 
smart card. The availability of the public key may be 
arranged, e.g. via the telecommunication network. By 

30 means of the public key it is possible to make sure of 
the origin of the second application and of the reli- 
ability of the program code. The checking of the 
authenticity of the second application may also be 
made by a WIM-card (WIM, WAP Identity Module) . The 

35 smart card may in this context mean, e.g. the same as 
the subscriber identity module. Furthermore, the smart 
card may refer to a subscriber identity module com- 
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prising a WIM. Alternatively, the smart card may be a 
WIM card. 

For the use of a SIM Application Toolkit, ad- 
ditional information may be retrieved, e.g. via the 
5 telecommunication network. The information retrieval 
may be arranged, e.g. by means of the second applica- 
tion. The additional information is used to mean, e.g. 
a piece of definition information or a definition file 
which comprises information of the use of a SIM Appli- 

10 cation Toolkit application or of its presentation. 

The system in accordance with the invention 
comprises a second application which has been arranged 
to start and control SIM Application Toolkit applica- 
tions, means for calling the second application by 

15 means of the first application when wishing to use 
SIM Application Toolkit applications, and a first 
means of communication which is used to control SIM 
Application Toolkit applications and manage the inter- 
change of information between the user of the terminal 

20 device and SIM Application Toolkit applications. 

The system comprises a transmitter which may 
be used to send an interrogation message from the sec- 
ond application to the user of the terminal device. 
The editor in turn is used to edit the input defined 

25 by the user before the edited information is sent to 
the SIM Application Toolkit by means of the second 
means of communication. 

In one embodiment of the invention, the sys- 
tem comprises a first information retrieval entity 

30 which is used to load the second application into the 
terminal device or smart card. Further, in another em- 
bodiment, the system comprises a trusted third party 
which signs the program code connected with the appli- 
cation with a digital signature. 

35 In an embodiment of the invention, the system 

comprises a second information retrieval entity for 
loading the public key of the sender of the second ap- 
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plication into the terminal device and/or smart card, 
and means for checking the origin of the sender of the 
second application. 

In an embodiment of the invention, the system 
5 comprises a third information retrieval entity which 
is used to retrieve additional information for the use 
of SIM Application Toolkit applications. 

In an embodiment of the invention, the system 
comprises a server which is connected to the telecom- 
10 munication network and from which it is possible to 
load the second application into a terminal device or 
smart card. 

Thanks to the present invention, it is possi- 
ble in a WAP environment to handle information to be 
15 sent to SIM Application Toolkit applications before 
the transmission. Furthermore, the invention makes it 
possible for the third parties to use applications 
stored on a smart card. 



20 BRIEF DESCRIPTION OF THE DRAWINGS 

In the following section, the invention will 
be described in detail by the aid of examples of its 
embodiments, in which 

Fig. 1 represents one advantageous example of 
25 the system in accordance with the invention, 

Fig. 2 is a flow chart illustrating the func- 
tion of the present invention, and 

Fig. 3 is a signalling diagram illustrating 
the function of the present invention. 

30 

DETAILED DESCRIPTION OF THE INVENTION 

The system as shown in Fig. 1 comprises a 
terminal device MS, a telecommunication network WN and 
a server SERVER. The terminal device MS and the server 
35 SERVER are in communication with the telecommunication 
network WN. The terminal device MS is preferably a mo- 
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bile station and the telecommunication network WN is 
preferably a mobile communication network. Connected 
to the telecommunication network WN in this example 
is, in addition, the trusted third party TTP. The 
5 trusted third party TTP is an entity which makes sure, 
e.g. of the integrity of the signed object. The system 
as shown in Fig. 1 comprises, in addition, a user USER 
under whose control and at whose disposal the mobile 
station MS is. In this example the mobile station MS 

10 consists of the mobile station device ME itself and a 
smart card SC. The mobile station MS may, in addition, 
comprise many other parts, components and features 
which are not necessary to present in this connection 
and which are obvious to a person skilled in the art. 

15 The mobile station device ME comprises an op- 

erating system OS and a WAP client program WAPCLIENT. 
The operating system OS is in communication with the 
user USER, the WAP client program WAPCLIENT and the 
smart card SC. Also the user USER may have a direct 

20 contact with the operating system OS. 



identity module SIM. If the smart card SC is a sub- 
scriber identity module, it may also comprise a WIM. 
In such a situation, the SIM functionality and the WIM 

25 functionality connected with the mobile communication 
network WN may use different logical channels. The WIM 
is used to mean a protected device, instrument or part 
which is used to perform different measures and saves 
of WAP connected with the security. The WIM may be 

30 used, e.g. to perform security measures connected with 
the WTLS and application level. Specifically, the WIM 
may be used to save and process information which is 
needed in identification and authentication. The smart 
card SC may, in addition, be used to mean merely a WIM 

35 card. 



client program WAPCLIENT comprises among other things 



The smart card SC is preferably a subscriber 



In the example as shown in Fig. 1, the WAP 
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a first application WMLSCRIPT which is written, e.g. 
in the WML description language or in the WMLSCRIPT 
command language, a second application DRIVER which is 
written, e.g. in the WMLSCRIPT command language, and a 
5 low-level application programming interface API. The 
first application WMLSCRIPT and the second application 
DRIVER are part of the WMLScript interpreter WSI . The 
WMLScript command language is normally written in a 
text form. This text form has to be translated into a 
10 binary form before it can be interpreted by a 
WMLScript bit code interpreter. The WMLScript inter- 
preter takes the WMLScript bit code to serve as an in- 
put and performs coded functions as they are being 
called. 

15 The first application WMLSCRIPT comprises 

means CAL for calling the second application DRIVER, 
when it is wished to use SIM Application Toolkit ap- 
plications. The means CAL for calling is used to mean, 
e.g. a function call appearing in the program code. 

20 The first application WMLSCRIPT is used to call the 
second application DRIVER via the standard application 
programming interface of the second application 
DRIVER. The arrow AR1 describes the fact that the 
function calls to be performed are abstract. 

25 The second application DRIVER comprises a 

first means of communication IP, means SND for send- 
ing, means ED for editing, a second means of communi- 
cation FW and a third means of communication 10. The 
first means of communication IP is used to control the 

3 0 SIM Application Toolkit applications and to manage the 
interchange of information between the user USER of 
the terminal device MS and SIM Application Toolkit ap- 
plications. The means SND for sending is used to send 
an interrogation message to the user USER of the ter- 

35 minal device MS. The means ED for editing is used to 
edit, when required, the input defined by the user. 
The second means of communication FW is used to send 
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the edited or unedited information defined by the user 
USER to the SIM Application Toolkit application. The 
third means of communication is used to retrieve addi- 
tional information for the use of SIM Application 
5 Toolkit applications. The first means of communication 
IP, means SND for sending, means ED for editing, the 
second means of communication FW and the third means 
of communication are used to mean, e.g. a program, 
program block or a function call. 

10 The second application DRIVER is used to call 

the low-level application programming interface API. 
The low- level application programming interface API 
comprises a standard interface via which it may be 
called. From the low-level application programming in- 

15 terface API there is a connection, e.g. via the oper- 
ating system OS of the mobile station MS to the smart 
card SC and further to the SIM Application Toolkit 
STK. The arrow AR2 is used to describe the fact that 
the function calls to be made are calls that implement 

20 SIM Application Toolkit commands. 

In the example as shown in Fig. 1 the smart 
card SC comprises a SIM Application Toolkit STK. The 
SIM Application Toolkit is used to mean all those 
functions and mechanisms that enable the interaction 

25 of applications stored on the subscriber identity mod- 
ule with the mobile station. The smart card SC com- 
prises, in addition, a first information retrieval en- 
tity LD, a second information retrieval entity IR and 
means CHK for checking. The first information re- 

30 trieval entity LD is used to load the second applica- 
tion DRIVER into the terminal device MS or the smart 
card SC, e.g. from the telecommunication network WN. 
The means CHK for checking is used to check the origin 
of the sender of the second application DRIVER. The 

35 program code connected with the second application 
DRIVER may have been signed by the digitally depend- 
able trusted third party TTP. To enable the checking 
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of the signature, the smart card SC comprises a second 
information retrieval entity IR which is used to load 
the public key of the sender of the second application 
DRIVER into the mobile station MS or the smart card 
SC. The loaded public key enables one to verify the 
signature connected with the second application 
DRIVER . 



In an embodiment of Fig. 1, the second appli- 



cation DRIVER has got the following commands at its 
disposal for the subscriber identity module: 



StartDialog 

GetMenuItems 

ResponseMenuSelection 

ResponseSelectltem 

ResponseGet Input 

ResponseGetlnkey 

Re sponseD i sp 1 ayText 

Reply Command 

EndDialog 

Fig. 2 is a flow chart illustrating the func- 



tion of the present invention. As shown in block 20, 
the first application is used to call the second ap- 
plication, when it is wished to use SIM application 
Toolkit applications. The first application WML is 
used to mean, e.g. a WML site visible to the user 
which enables one to activate different commands. The 
second application is used to mean, e.g. a program in 
the WMLScript language which enables an interactive 
operation between the WAP client program and the SIM 
Application Toolkit applications. As shown in block 
20, the first application is used to call the second 
application, when it is wished to use SIM Application 
Toolkit applications. The terminal device or smart 
card at the disposal of the user does not, however, 
necessarily comprise the second application mentioned 
above. As shown in block 21a, it is checked if the 
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second application exists. If there is no second ap- 
plication existing, it may be downloaded into the ter- 
minal device as shovm by block 21b. The second appli- 
cation is loaded into the terminal device or smart 
5 card, e.g. via a suitable telecommunication network. 
The terminal device is preferably a mobile station and 
the telecommunication network preferably a mobile com- 
munication network. The reliability of the application 
to be loaded and the source address may be verified by 

10 means of the public key architecture. As shown in 
block 22, it is checked whether the public key of the 
sender of the second application is in the possession 
of the terminal device or smart card from before. If 
there is no key existing, it may be loaded, e.g. into 

15 the terminal device or smart card, e.g. via the tele- 
communication network, block 2 3a. The program code 
connected with the second application is digitally 
signed, e.g. by a trusted third party. As shown in 
block 23b, the public key enables one to make sure of 

20 the fact that the sender of the second application is 
the entity it claims to be. 

The second application is used to call the 
SIM Application Toolkit, when it is wished to use SIM 
Application Toolkit applications, block 24. As shown 

25 in block 25, the second application is used to control 
and manage SIM Application toolkit applications and 
the interchange of information between the user of the 
terminal device and the SIM Application Toolkit appli- 
cations. 

30 The service to be activated may require an 

interaction and interchange of information between the 
user and the SIM Application Toolkit application. As 
shown in block 26, it is found out whether it is nec- 
essary to take an input from the user. If the service 

35 does not require an interaction with the user, then 
the functions required by the service may be carried 
out without the interaction of the user. If the serv- 
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ice requires the information input by the user, then 
block 28 is entered via block 27. In block 28, it is 
examined whether the activated service requires that 
the input defined by the user has to be edited before 
5 sending it to the SIM Application Toolkit application. 
If it is necessary to edit the input defined by the 
user, block 29b is entered via block 29a. As shown in 
block 29b, the input given by the user is edited using 
the second application. If there is no need to edit 

10 the input defined by the user at all, then block 29 is 
entered directly from block 28. As shown in block 29b, 
the edited or unedited input is transmitted to the SIM 
Application Toolkit application. The user may be asked 
for the inputs at several different points and also 

15 several times in a row. 

Fig. 3 is one advantageous signaling diagram 
illustrating the function of the present invention. 
The example as shown in Fig. 3 comprises a user USER, 
a first application WML, a second application DRIVER, 

20 a mobile station device ME, a subscriber identity mod- 
ule SIM and a server SERVER. The mobile station device 
ME may also refer to the operating system of the mo- 
bile station. The first application WML is used to 
mean, e.g. the WML site visible to the user which en- 

25 ables one to activate different functions. The second 
application DRIVER is used to mean, e.g. a program in 
the WMLScript command language which enables the in- 
teractive operation between the WAP client program and 
the SIM Application Toolkit applications. 

3 0 The user USER chooses a service as shown by 

arrow 30. The WAP client program comprises a first ap- 
plication WML which starts the second application 
DRIVER connected with the service, arrow 31. The sec- 
ond application DRIVER sends a startup message of the 

35 traffic to the mobile station device ME, arrow 32. As 
shown by arrow 33, the mobile station device ME sends 
to the subscriber identity module SIM a notification 
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of the service chosen by the user USER. For the acti- 
vated service, a piece of information of the point of 
time is needed. The subscriber identity module SIM 
sends an interrogation message to the mobile station 
5 device ME, arrow 34. As shown by arrow 35, the inter- 
rogation message is transmitted further to the second 
application DRIVER. As shown by arrows 36a and 36b, 
the piece of information of the time is transmitted to 
the subscriber identity module SIM. 

10 The subscriber identity module SIM sends to 

the mobile station device ME an interrogation message 
asking to choose the desired service, arrow 37a. As 
shown by arrow 3 7b, the mobile station device ME 
transmits the interrogation message to the second ap- 

15 plication DRIVER. In this example, the service is used 
to mean the determining of a travel time or a notifi- 
cation informing of a traffic jam. Both of the afore- 
mentioned services require the existence of geographi- 
cal information. As shown by arrow 38a, the subscriber 

20 identity module SIM sends to the mobile station device 
ME an interrogation message inquiring the location of 
the user USER and this way also the location of the 
mobile station device ME. The mobile station device ME 
returns the piece of geographical information to the 

25 subscriber identity module SIM, arrow 38b. 



interrogation message connected with the service fur- 
ther to the user USER, arrow 3 9a. In this situation, 
the user is asked to choose the desired service. The 

3 0 choosing happens, e.g. by accepting the service by 
pushing a certain key. As shown by arrow 39b, the no- 
tification of the chosen service is transmitted to the 
second application DRIVER. In this application, the 
chosen service is that the user USER wishes to find 

3 5 out whether there are any traffic jams along a certain 
route. So that the service would function, the desti- 
nation of the journey is still needed that is found 



The second application DRIVER transmits the 
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out by message interrogations 40a and 40b. In this ex- 
ample, the destination of the user is Lauttasaari . 

As shown by arrow 41a, the second application 
DRIVER transmits the notification of the service cho- 
5 sen by the user USER to the mobile station device ME, 
which in turn transmits the notification further to 
the subscriber identity module SIM, arrow 41b. The 
subscriber identity module SIM sends to the mobile 
station device ME a message interrogation concerning 

10 the piece of destination information connected with 
the service, arrow 42a. The message interrogation is 
transmitted further to the second application DRIVER, 
arrow 42b. Since the user USER has already earlier de- 
termined the piece of destination information, it may 

15 be transmitted back to the mobile station device ME, 
arrow 42c. 

The user USER has now determined all the 
background information required by the service. The 
mobile station device ME sends to the subscriber iden- 

2 0 tity module SIM a message interrogation asking to give 
the necessary information needed in the transmission 
of the short message, arrow 43. The subscriber iden- 
tity module SIM creates a message based on the infor- 
mation and parameters connected with the service and 

25 transmits it to the mobile station device ME, arrow 
44. The mobile station device ME sends a SMS interro- 
gation to the server SERVER. The server SERVER has got 
information of the fact of whether there is a traffic 
jam between the location of the user USER and Lautta- 

30 saari. In this example, there is no traffic jam, and 
the server SERVER sends a notification thereof back to 
the mobile station device ME, arrow 45b. 

The mobile station device ME sends the re- 
ceived short message further to the subscriber iden- 

35 tity module SIM, arrow 46. The SIM Application Toolkit 
application on the subscriber identity module SIM in- 
terpreters the content of the short message and based 
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on the content, transmits the notification further to 
the mobile station device ME, arrow 47a. The mobile 
station device ME transmits the answer in accordance 
with the invention to the second application DRIVER, 
5 which in turn transmits the answer to the USER, arrows 
47b and 47c. The second application DRIVER sends to 
the first application WML a notification informing of 
the termination of the service, arrow 48. The first 
application WML substitutes the WML site visible to 
10 the USER with a new one indicating that the service is 
no longer available, arrow 49. 



examples of its embodiments, instead many variations 
are possible within the inventive idea defined by the 



The invention is not restricted merely to the 
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claims . 
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CLAIMS 

1. A method for interchanging information 
safely between the user and a SIM Application Toolkit 
application in a telecommunication system comprising: 
5 a telecommunication network (WN) ; 

a terminal device (MS) which is connected to the 
telecommunication network (WN) ; 

a smart card (SC) which has been inserted into the 
terminal device (MS) ; 
10 a WAP client program (WAPCLIENT) which has been 

arranged in the terminal device (MS) ; 

a SIM Application Toolkit (STK) which has been ar- 
ranged in the terminal device (MS) and/or smart card 
(SC) ; 

15 a first application (WMLSCRIPT) which is part of 

the WAP client program (WAPCLIENT) ; 

in which method the terminal device (MS) com- 
prises the necessary features for using the WAP, 

characterised in that the method 
20 comprises the steps of: 

including as a part of the WAP client program 
(WAPCLIENT) a second application (DRIVER) which has 
been arranged to start and control SIM Application 
Toolkit applications ; 
25 calling the second application (DRIVER) by means 

of the first application (WMLSCRIPT) when wishing to 
use SIM Application Toolkit applications; and 

controlling and managing by means of the second 
application (DRIVER) SIM Application Toolkit applica- 
3 0 tions and the interchange of information between the 
user of the terminal device (MS) and SIM Application 
Toolkit applications . 

2. A method as defined in claim 1, char- 
acterised in that 
35 the second application (DRIVER) is used to send an 

interrogation message to the user of the terminal de- 
vice (MS) , and 
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the response of the user to the interrogation mes- 
sage is being edited; and 

the edited information is sent to the SIM Applica- 
tion Toolkit application. 
5 3. A method as defined in claim 1, char- 

acterised in that 

the second application (DRIVER) is used to send an 
interrogation message to the user of the terminal de- 
vice (MS) , and 

10 the information defined by the user is sent to the 

SIM Application Toolkit application. 

4 . A method as defined in any one of the pre- 
ceding claims 1, 2 or 3, characterised in 
that the second application (DRIVER) is loaded into 

15 the terminal device (MS) or the smart card (SO . 

5. A method as defined in any one of the pre- 
ceding claims 1, 2 or 3, characterised in 
that the second application (DRIVER) is loaded into 
the terminal device (MS) or the smart card (SC) from 

20 the telecommunication network (WN) . 

6. A method as defined in any one of the pre- 
ceding claims 1, 2, 3, 4 or 5, characterised 
in that the program code connected with the second ap- 
plication (DRIVER) is signed with a digital signature. 

25 7. A method as defined in any one of the pre- 

ceding claims 1, 2, 3, 4, 5 or 6, character- 
ised in that 

the public key of the sender of the second appli- 
cation (DRIVER) is loaded into the terminal device 
3 0 (MS) and/or the smart card (SC) ; and 

the origin of the sender of the second application 
(DRIVER) is checked. 

8. A method as defined in any one of the pre- 
ceding claims 1, 2, 3, 4, 5, 6 or 7, character- 
35 i s e d in that additional information is retrieved 
for the use of the SIM Application Toolkit applica- 
tions . 
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9. A system for interchanging information 
safely between the user and the SIM Application Tool- 
kit application in a telecommunication system compris- 
ing: 

5 a telecommunication network (WN) ; 

a terminal device (MS) which is connected to the 
telecommunication network (WN) ; 

a smart card (SC) which has been inserted into the 
terminal device (MS) ; 
10 a WAP client program (WAPCLIENT) which has been 

arranged in the terminal device (MS) ; 

a SIM Application Toolkit (STK) which has been ar- 
ranged in the terminal device (MS) and/or smart card 
(SC) ; 

15 a first application (WMLSCRIPT) which is part of 

the WAP client program (WAPCLIENT) ; 

in which system the terminal device (MS) comprises 
the necessary features for using the WAP, 

characterised in that the system 
20 comprises: 

a second application (DRIVER) which has been ar- 
ranged to start and control the SIM Application Tool- 
kit applications; 

means (CAL) for calling the second application 
25 (DRIVER) by means of the first application (WMLSCRIPT) 
when wishing to use SIM Application Toolkit applica- 
tions; and 

a first means of communication (IP) which is used 
to control the SIM Application Toolkit applications 

3 0 and manage the interchange of information between the 
user of the terminal device and SIM Application Tool- 
kit applications. 

10. A system as defined in claim 9, char- 
acterised in that the system comprises: 

35 means (SND) for sending an interrogation message 

by means of the second application (DRIVER) to the 
user of the terminal device (MS) ; 
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means (ED) for editing the response defined by the 
user; and 

a second means of communication (FW) for sending 
the edited information to the SIM Application Toolkit 
5 application. 

11. A system as defined in claim 9, char- 
acterised in that the system comprises: 

means (SND) for sending an interrogation message 
by means of the second application (DRIVER) to the 
10 user of the terminal device (MS) ; and 

a second means of communication (FW) for sending 
the information defined by the user to the SIM Appli- 
cation Toolkit application. 

12. A system as defined in any one of the 
15 preceding claims 9, 10 or 11, characterised 

in that the system comprises a first information re- 
trieval entity (LD) for loading the second application 
(DRIVER) into the terminal device (MS) or the smart 
card (SO . 

20 13 . A system as defined in any one of the 

preceding claims 9, 10, 11 or 12, character- 
ised in that the system comprises a trusted third 
party (TTP) which signs the program code connected 
with the second application (DRIVER) with a digital 

25 signature. 

14. A system as defined in any one of the 
preceding claims 9, 10, 11, 12 or 13, charac- 
terised in that the system comprises: 

a second information retrieval entity (IR) for 

3 0 loading the public key of the sender of the second ap- 
plication (DRIVER) into the terminal device (MS) 
and/or the smart card (SC) ; and 

means (CHK) for checking the origin of the sender 
of the second application (DRIVER) . 

35 15. A system as defined in any one of the 

preceding claims 9, 10, 11, 12, 13 or 14, charac- 
terised in that the system comprises a third in- 
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formation retrieval entity (10) which is used to re- 
trieve additional information for the use of SIM Ap- 
plication Toolkit applications. 

16. A system as defined ih any one of the 
5 preceding claims 9, 10, 11, 12, 13, 14 or 15, char- 
acterised in that the system comprises a server 
(SERVER) which is connected to the telecommunication 
network (WN) and from which it is possible to load the 
second application (DRIVER) into the terminal device 

10 (MS) or the smart card (SC) 1 

17. A system as defined in any one of the 
preceding claims 9, 10, 11, 12, 13, 14, 15 or 16, 
characterised in that the first application 
(WMLSCRIPT) and/or the second application (DRIVER) are 

15 based on the WML language or on the WMLScript command 
language . 

18. A system as defined in any one of the 
preceding claims 9, 10, 11, 12, 13, 14, 15, 16 or 17, 
characterised in that the terminal device 

20 (MS) is a mobile station. 

19. A system as defined in any one of the 
preceding claims 9, 10, 11, 12, 13, 14, 15, 16, 17 or 
18, characterised in that the telecommunica- 
tion network (WN) is a mobile communication network. 

25 20. A system as defined in any one of the 

preceding claims 9, 10, 11, 12, 13, 14, 15, 16, 17, 18 
or 19, characterised in that the smart card 
(SC) is a subscriber identity module. 

21. A system as defined in any one of the 
30 preceding claims 9, 10, 11, 12, 13, 14, 15, 16, 17, 18 

or 19, characterised in that the smart card 
(SC) is a subscriber identity module which comprises a 
WIM. 

22. A system as defined in any one of the 
35 preceding claims 9, 10, 11, 12, 13, 14, 15, 16, 17, 18 

or 19, characterised in that the smart card 
(SC) is a WIM card. 
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